Skip to content

Commit

Permalink
fix detector writeTo() method missing fields (opensearch-project#695)
Browse files Browse the repository at this point in the history
* fix detector writeTo() method missing fields

Signed-off-by: Surya Sashank Nistala <[email protected]>

* fix test

Signed-off-by: Surya Sashank Nistala <[email protected]>

---------

Signed-off-by: Surya Sashank Nistala <[email protected]>
  • Loading branch information
eirsep authored and engechas committed Mar 14, 2024
1 parent fbc0416 commit 7357bb4
Show file tree
Hide file tree
Showing 2 changed files with 39 additions and 8 deletions.
20 changes: 12 additions & 8 deletions src/main/java/org/opensearch/securityanalytics/model/Detector.java
Original file line number Diff line number Diff line change
Expand Up @@ -159,12 +159,12 @@ public Detector(StreamInput sin) throws IOException {
sin.readList(DetectorInput::readFrom),
sin.readList(DetectorTrigger::readFrom),
sin.readStringList(),
sin.readString(),
sin.readString(),
sin.readString(),
sin.readString(),
sin.readString(),
sin.readString(),
sin.readOptionalString(),
sin.readOptionalString(),
sin.readOptionalString(),
sin.readOptionalString(),
sin.readOptionalString(),
sin.readOptionalString(),
sin.readMap(StreamInput::readString, StreamInput::readString)
);
}
Expand Down Expand Up @@ -197,8 +197,12 @@ public void writeTo(StreamOutput out) throws IOException {
it.writeTo(out);
}
out.writeStringCollection(monitorIds);
out.writeString(ruleIndex);

out.writeOptionalString(ruleIndex);
out.writeOptionalString(alertsIndex);
out.writeOptionalString(alertsHistoryIndex);
out.writeOptionalString(alertsHistoryIndexPattern);
out.writeOptionalString(findingsIndex);
out.writeOptionalString(findingsIndexPattern);
out.writeMap(ruleIdMonitorIdMap, StreamOutput::writeString, StreamOutput::writeString);
}

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -13,15 +13,42 @@
import java.io.IOException;
import java.util.List;

import static org.opensearch.securityanalytics.TestHelpers.parser;
import static org.opensearch.securityanalytics.TestHelpers.randomDetector;
import static org.opensearch.securityanalytics.TestHelpers.randomUser;
import static org.opensearch.securityanalytics.TestHelpers.randomUserEmpty;
import static org.opensearch.securityanalytics.TestHelpers.toJsonStringWithUser;

public class WriteableTests extends OpenSearchTestCase {

public void testDetectorAsStream() throws IOException {
Detector detector = randomDetector(List.of());
detector.setInputs(List.of(new DetectorInput("", List.of(), List.of(), List.of())));
logger.error(toJsonStringWithUser(detector));
BytesStreamOutput out = new BytesStreamOutput();
detector.writeTo(out);
StreamInput sin = StreamInput.wrap(out.bytes().toBytesRef().bytes);
Detector newDetector = new Detector(sin);
Assert.assertEquals("Round tripping Detector doesn't work", detector, newDetector);
}

public void testDetector() throws IOException { // an edge case of detector serialization that failed testDetectorAsAStream() intermittently
String detectorString = "{\"type\":\"detector\",\"name\":\"MczAuRCrve\",\"detector_type\":\"test_windows\"," +
"\"user\":{\"name\":\"QhKrfthgxw\",\"backend_roles\":[\"uYvGLCPhfX\",\"fOLkcRxMWR\"],\"roles\"" +
":[\"YuucNpVzTm\",\"all_access\"],\"custom_attribute_names\":[\"test_attr=test\"]," +
"\"user_requested_tenant\":null},\"threat_intel_enabled\":false,\"enabled\":false,\"enabled_time\"" +
":null,\"schedule\":{\"period\":{\"interval\":5,\"unit\":\"MINUTES\"}},\"inputs\":[{\"detector_input\"" +
":{\"description\":\"\",\"indices\":[],\"custom_rules\":[],\"pre_packaged_rules\":[]}}],\"triggers\"" +
":[{\"id\":\"SiWfaosBBiNA8if0E1bC\",\"name\":\"windows-trigger\",\"severity\":\"1\",\"types\"" +
":[\"test_windows\"],\"ids\":[\"QuarksPwDump Clearing Access History\"],\"sev_levels\":[\"high\"]," +
"\"tags\":[\"T0008\"],\"actions\":[],\"detection_types\":[\"rules\"]}],\"last_update_time\":" +
"1698300892093,\"monitor_id\":[\"\"],\"workflow_ids\":[],\"bucket_monitor_id_rule_id\"" +
":{},\"rule_topic_index\":\"\",\"alert_index\":\"\",\"alert_history_index\":\"\"," +
"\"alert_history_index_pattern\":\"\",\"findings_index\":\"\",\"findings_index_pattern\":\"\"}";
Detector detector = Detector.parse(parser(detectorString), null, null);
// Detector detector = randomDetector(List.of());
// detector.setInputs(List.of(new DetectorInput("", List.of(), List.of(), List.of())));
// logger.error(toJsonStringWithUser(detector));
BytesStreamOutput out = new BytesStreamOutput();
detector.writeTo(out);
StreamInput sin = StreamInput.wrap(out.bytes().toBytesRef().bytes);
Expand Down

0 comments on commit 7357bb4

Please sign in to comment.